It's also worth mentioning that keygens are much more valuable to bad actors than cracks, becausea keygen can be used on the real application, vs the bad actor having to distribute a modified,cracked version of the application.
But remember, a crack != a keygen, so your application's licensing always runsthe risk of being circumvented via code modification. But license keys cannotbe forged when you utilize a licensing system built on modern cryptography.
I've been using computer for 20 years and I've used many antivirus. And I have had many \"cracking software\" laying around on the various PCs that I have used. These include keygen, software cracks/patchers and game hacks (wallhacks, aimbots, multihacks and etc).
Because virusscanners don't like it when their paid software is cracked, it will mark any crack or keygen as unsafe to protect itself, but it is also possible that someone creates a crack and puts in a virus so that this person can later collect information about who uses their crack etc...
When it comes to knowing if keygens, cracks, hacks, etc... contain actual malicious code, I have no answer to it. It can be, and its possible it is not the case. It is often true that in order for a crack to work, it has to perform functions that viruses also do, which is why most cracks are seen as dangarous. Their tasks cannot be distinquished from viruses.
TL;DR: It does so because those cracks/keygens/etc contain a signature of the virus it detects. Whether or not it is real and why it detects that, can't be answered. Its different per usecase and per virusscanner. 153554b96e